How to authenticate users with certificates

J.D. Meier, Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen.

Use the following steps to authenticate users using a client-side certificate:
  1. Install the service certificate on the WCF service machine.
    • If you are using message security, configure service credentials to set the name and location of the service certificate.
    • If you are using transport security with wsHttpBinding, install the service certificate on IIS and configure the virtual directory to require SSL and client certificate.
  2. Configure the service to use certificates for client credentials type as show in the following example
<wsHttpBinding>
  <binding name="WSHttpBinding_ICalculator">
    <security mode="Message">
       <message clientCredentialType="Certificate" />
    </security>
  </binding>
</wsHttpBinding>
  1. Install the service certificate on the client machine.
  2. Configure the endpoint behavior to set the name and location of the client certificate.
Note: Make sure the the root CA certificate is in the Trusted Root Certification Authorities location on both the server and client machines.

Additional Resources

Last edited May 8, 2008 at 1:02 AM by prashantbansode, version 1

Comments

No comments yet.